SHA256: bc7d5d87d8bb087ae8e6af7ecae0d530aeaa1aa193d02999011cb8ee136df9c5
File name: 10c3cafbd92b865e5e5e3551c914c1cb
Detection ratio: 22 / 54
Analysis date: 2014-07-17 12:53:55 UTC ( 4 years, 8 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.416654 20140717
AhnLab-V3 Trojan/Win32.Zbot 20140717
AntiVir TR/Zbot.A.973 20140717
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140717
Avast Win32:Malware-gen 20140717
BitDefender Gen:Variant.Kazy.416654 20140717
Bkav HW32.Keylogger.iqsq 20140717
DrWeb Trojan.Siggen6.20743 20140717
Emsisoft Gen:Variant.Kazy.416654 (B) 20140717
ESET-NOD32 a variant of Win32/Kryptik.CGXM 20140717
F-Secure Gen:Variant.Kazy.416654 20140717
GData Gen:Variant.Kazy.416654 20140717
Kaspersky Trojan-Spy.Win32.Zbot.tnkf 20140717
Malwarebytes Trojan.Agent.FW 20140717
McAfee Artemis!10C3CAFBD92B 20140717
McAfee-GW-Edition Artemis!10C3CAFBD92B 20140716
Microsoft PWS:Win32/Zbot 20140717
eScan Gen:Variant.Kazy.416654 20140717
Qihoo-360 Win32/Trojan.BO.4fb 20140717
Rising PE:Malware.FakeDOC@CV!1.9C3C 20140717
Sophos AV Mal/Generic-S 20140717
TrendMicro-HouseCall TROJ_GEN.R08NH07GG14 20140717
AegisLab 20140717
Yandex 20140716
AVG 20140717
Baidu-International 20140717
ByteHero 20140717
CAT-QuickHeal 20140717
ClamAV 20140717
CMC 20140717
Commtouch 20140717
Comodo 20140717
F-Prot 20140717
Fortinet 20140717
Ikarus 20140717
Jiangmin 20140717
K7AntiVirus 20140717
K7GW 20140717
Kingsoft 20140717
NANO-Antivirus 20140717
Norman 20140717
nProtect 20140717
Panda 20140717
SUPERAntiSpyware 20140717
Symantec 20140717
Tencent 20140717
TheHacker 20140714
TotalDefense 20140717
TrendMicro 20140717
VBA32 20140717
VIPRE 20140717
ViRobot 20140717
Zillya 20140716
Zoner 20140714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © AkelSoft 2003-2011
Product AkelPad
Original name AkelPad.exe
File version 0, 0, 0, 0
Description AkelPad (x86) text editor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-15 19:02:50
Entry Point 0x00001C50
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExW
AbortPath
FillPath
GetSystemPaletteUse
EndDoc
GetBkMode
CancelDC
GetTextColor
PathToRegion
GdiFlush
GetFontLanguageInfo
CreateCompatibleDC
DeleteObject
CreateMetaFileW
GetDriveTypeA
VirtualAlloc
GetCurrentProcessId
GetModuleHandleA
GetFileAttributesA
GetParent
LoadBitmapW
GetClipboardOwner
GetShellWindow
ShowWindow
GetSystemMetrics
GetKBCodePage
VkKeyScanA
IsCharAlphaA
IsWindowEnabled
GetFocus
GetSysColor
GetKeyState
GetAsyncKeyState
SendMessageW
PaintDesktop
GetLastActivePopup
IsCharLowerA
IsWindowVisible
SendMessageA
GetDlgItem
GetThreadDesktop
LoadIconA
CountClipboardFormats
CloseDesktop
GetDialogBaseUnits
IsMenu
GetWindowTextLengthW
DestroyWindow
WindowFromDC
Number of PE resources by type
RT_DIALOG 18
RT_GROUP_CURSOR 16
RT_CURSOR 16
RT_STRING 8
RT_ICON 4
RT_BITMAP 3
RT_MENU 2
RT_ACCELERATOR 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 42
ENGLISH US 31
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 461312
ImageVersion 0.0
ProductName AkelPad
FileVersionNumber 4.6.5.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription AkelPad (x86) text editor
CharacterSet ASCII
LinkerVersion 9.0
OriginalFilename AkelPad.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 0, 0, 0, 0
TimeStamp 2014:07:15 20:02:50+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2014:07:17 13:53:04+01:00
ProductVersion 0, 0, 0, 0
SubsystemVersion 5.0
OSVersion 5.0
FileCreateDate 2014:07:17 13:53:04+01:00
FileOS Win32
LegalCopyright Copyright AkelSoft 2003-2011
MachineType Intel 386 or later, and compatibles
CodeSize 5632
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0x1c50
ObjectFileType Dynamic link library

File identification
MD5 10c3cafbd92b865e5e5e3551c914c1cb
SHA1 8bca1a8e54f1436b1e05b9c8e845deb37a41283b
SHA256 bc7d5d87d8bb087ae8e6af7ecae0d530aeaa1aa193d02999011cb8ee136df9c5
ssdeep 6144:Oz+FMRV2Y595OciEx0HegM9W2rA5YmfVQg+QtO83:Oz02V/EPgOegQJtvQtOI
imphash 29077603d4ed9e40f4f07f7098f23199
File size 456.0 KB ( 466944 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2014-07-17 12:53:55 UTC ( 4 years, 8 months ago )
Last submission 2014-07-17 12:53:55 UTC ( 4 years, 8 months ago )
File names 10c3cafbd92b865e5e5e3551c914c1cb
AkelPad.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.